Cybersecurity Application Security EngineerNelnet Servicing • Saint Paul, Illinois, United States
Cybersecurity Application Security Engineer
Nelnet Servicing
- Saint Paul, Illinois, United States
- Saint Paul, Illinois, United States
À propos
This position requires work in support of the Company’s contract with the United States Department of Education (“ED”). As such, the United States Government requires that any applicant for this position must complete United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. In light of this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions. Candidates must already be authorized to work in the United States without the need for current or future sponsorship.
Job Description
Manual Source Code Review
SAST/DAST scanning
Expand the Security Champions program
Develop automated source code review processes
Work with product teams to ensure secure SDLC processes are in place
Provide detailed vulnerability reports to businesses
Experience
2–4 years of hands‑on application security experience
Experience integrating security tooling and automated checks into CI/CD pipelines
Familiarity and experience with OWASP Top 10 and web testing methodologies
Experience with effectively assessing and communicating risks and appropriate levels of urgency to management and engineering staff
Experience with technical report writing and communication
Competencies – Skills/Knowledge/Abilities
Strong manual code review experience in at least one major language (Java, JavaScript/TypeScript, C#, PHP, etc.)
Solid threat‑modeling expertise (STRIDE, attack trees, misuse cases) for both traditional systems and AI/LLM‑integrated features
Proficiency with SAST, SCA, DAST, web and mobile pentesting, container scanners, secrets‑detection tools, and ideally AI‑security scanning platforms
Experience integrating security tooling and automated checks into CI/CD pipeline
Scripting/automation skills (Python, Bash, Node) for building custom tooling and automating manual processes
Good understanding of AI/LLM attack surfaces including prompt injection, insecure output handling, model‑data leakage, and RAG vulnerabilities
Strong knowledge of web/API security concepts (session management, secure storage, transport security)
Excellent organizational, presentation, verbal, and written communication skills
Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
Aptitude for self‑study, setting and achieving long‑term goals
Actively seeks to remain technically current and increase expertise and abilities
Challenges prevailing assumptions when appropriate
Willing to adapt to changing technology and business landscapes
Considers change as opportunities to be challenged and grow
Ability to adapt style of communications to match audience and information sharing needs
Wants
Experience performing secure code reviews or building internal developer tooling.
Previous work with AI or LLM‑integrated applications, model security, or prompt safety.
Experience with mobile security, reverse engineering, or platform‑specific secure coding.
Certifications such as OSWE, OSCP, GWAPT, GCSA, GCPN, or ML security certs (not required but beneficial).
Ability to mentor junior developers/engineers in secure design and coding practices.
Pay range for this role is $90,000–$125,000 annually, depending on experience.
Benefits Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401(k) with student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance‑based incentive pay, short‑ and long‑term disability, and a robust wellness program.
EEO Statement Nelnet is a Drug‑Free Workplace and is committed to providing a welcoming and respectful workplace where all associates have the opportunity to succeed. As an Equal Opportunity Employer, we ensure that all qualified applicants are considered for employment. Employment decisions are made without regard to race, color, religion/creed, national origin, gender, sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by federal, state, or local law. Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402‑486‑5725 or contacting corporate recruiting at nelnet.net.
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.